Network workstations can ping and tracert website, but cannot browse!

[toksoladuti]

We have a really weird problem, which has me stumped. We have a small Windows 2003 domain with 10 Windows XP SP2 workstations. We have a Watchguard firewall and everything was fine until yesterday. Now, the server can browse the internet with no problems, however none of the workstations can browse the internet. They can all ping and run a trace route and clearly resolve the IP address of any site, but I cannot browse, regardless of whether I use the FQDN or IP address! My first thoughts were malware of some sort, so I ran "netsh int ip reset", "netsh winsock...", a registry removal of winsock, "sfc /scannow" and even ran winsockxpfix with no luck. I thought maybe the DNS of the domain controller was playing up, so I manually changed the DNS details on one of the workstation to the two DNS servers of our ISP and this didn't work. I've ran multiple anti-virus and anit-malware scans which have found nothing. And now I can't think of any other options, so any help would be grately appreciated. Thnx.

 

[TechCarnivore]

Odd problem indeed. I would suggest running the Configure Email and Internet Wizard on your SBS server as a starting point.

 

[bcastner]

so I manually changed the DNS details on one of the workstation to the two DNS servers of our ISP and this didn't work.

That would never work. The only DNS server entry at the workstations should be the IP of your DNS server. Nothing else.

Have you tried a complete powerdown recycle of all switches, routers, modems and hardware firewall products? In cases where connection loss is sudden as you describe, a power cycle of all hardware should be your first step. Sofware configuration is way down the troubleshooting ladder.





____________________________
Users Helping Users

 

[elmurado]

In the watchguard, check that the workstations haven't been stuck in the blocked hosts(under WSM>Blocked Hosts).
Have you changed the HTTP service or the proxied HTTP service at all?
Try Bcastner's troubleshooting up the stack advice first though.
If things are still weird, check the traffic monitor and see what happens when you do try and browse...

 

[toksoladuti]

Hi and thanks for the suggestion so far.

TechCarnivore: Cheers, but this is a standard edition Windows 2003 server, which doesn't have a Configure Email and Internet Wizard.

bcaster: Thanks, but power cycling the whole system was my first call (sorry I didn't note that in my first post). Also, changing the DNS from the server's IP will only affect the Active Directory (internal) network. Putting the ISP DNS details directly in the workstation network connection settings (such as found in a peer to peer) network was so that I could check whether we had internet connectivity if we by-passed the server for DNS forwarding.

elmurado: Cheers, but I gone through the firewall config by GUI and configuration text and there is definately nothing blocking the workstations and the http service has not changed.

Weird, eh?

 

[cyberspace]

Ensure that there is not a rogue proxy server entry for the workstatsions (Tools > Internet Options > Connections > LAN Settings).

I have had this issue before and the cause was due to a redundant, yet still running version of ISA issuing hosts with rogue configurations.

'When all else fails.......read the manual'

 

[626F62]

Norton internet security, or windows firelwall... switch them off and try again (always ALWAYS the cause of connection issues i see)

other than that what about permissions??

 

[toksoladuti]

Bloody weird problem, but I've got it sorted. I connected a laptop direct to the router and gave it a public IP and bingo I has internet access. Moving the laptop behing the firewall resulted again in only the server being able to access the internet, so that clearly said that the problem was the Watchguard SOHO6 firewall. I quadruple-checked every single setting, and it was all perfect. So I threw my hands up and did a factory reset, re-installed the firmware and re-configured it exactly as it was. Now internet access has been restored to all users. I don't think I'll ever understand why the server could still browse, but the workstaion only ping, but it works and now I'm going to the pub. Many thanks to everyone (TechCarnivore,bcaster, elmurado,cyberspace and 626F62) for their advice.

 

[626F62]

lol no worries.. we use alot of the soho6's around here, and once done we rearly have problems, but if we do get a problem they is a pain in the arse!!